<
From version < 27.2 >
edited by Silvia Macovei
on 2010/10/22
To version < 27.3 >
edited by Sorin Burjan
on 2010/10/22
>
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.SilviaRusu
1 +XWiki.Sorin
Content
... ... @@ -221,7 +221,7 @@
221 221  
222 222  == Various Security improvements ==
223 223  
224 -Continuing a push for better security started this summer, 2.5M2 fixes some of the few remaining cross-site scripting and SQL injections holes, and tightens the scope of programming rights. Of particular concern:
224 +Continuing a push for better security started this summer, 2.5 fixes some of the few remaining cross-site scripting and SQL injections holes, and tightens the scope of programming rights. Of particular concern:
225 225  
226 226  * With a default skin, programming rights are no longer available after the main content of the page; this means that the panels and the bottom tabs can't use restricted APIs anymore.
227 227  * To explicitly drop programming rights, a new API method was introduced: ##$xcontext.dropPermissions()##

Get Connected